Userlevel access

Greetings from Sweden.

I was recently introduced to Yii and I was amazed. All the generated code is amazing. I’ve been testing around a bit.

I’ve been creating a crud for “Users” model which contain username, password, salt and userlevel. I want to just give all with > userlevel than like 2 to have access to certain things.

If I understood correctly it is accessRules() method that control the access. How do I grab the userlevel and then compare to the current user logged in (or something like that) Do I only need to modify accessRules() in order to get this to working?

Thanks.

hello, you can use the RBAC(a bit complex but more robust) or learn more on accessRules()(this is more easier to implement).

alternatively you can have a helper class for lookup and access control.

Hello and thanks for your reply.

I will check it out! What is RBAC?

Hi and welcome to the Yii forum

When posting to the forum, please pay attention to post in the proper section…

you made this post in the Yii 1.0.x section… as you are new to Yii and this version is deprecated I doubt you will start with this version :D

For RBAC check this documentation - http://www.yiiframework.com/doc/guide/1.1/en/topics.auth#role-based-access-control

RBAC seem very cool. But I’m not really sure what I need to store in the database in order to keep track of what user role the logged in user have. Are there any more specific article about this?

Thanks! And sorry for posting in the wrong section, early in the morning, developing :)

This wiki article seems will be usefull for you:

WIKI-RBAC

Thank you, I guess I need to look on “CDbAuthManager” library to get Database user authentication, well I’ll look over it later!

How do I call the No Authorization If the if-statement

    if(Yii::app()->user->checkAccess('createUser')) {

fails?

Thanks

Bump!

Still need help :)

can you explain better your question… what you mean with "no authorization"

if the check fails you can throw an exception… or display a nice message…

How do I display a nice message?